CVE-2025-34081

Summary

The Contec Co.,Ltd. CONPROSYS HMI System (CHS) exposes a PHP phpinfo() debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affects CONPROSYS HMI System (CHS): before 3.7.7.

Affected Software

VendorProductVersion RangeStatus
Contec Co.,Ltd.CONPROSYS HMI System (CHS)0 < 3.7.7affected

Weaknesses

  • CWE-215: CWE-215 Insertion of Sensitive Information Into Debugging Code

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References